CVE-2024-8403

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-8403
Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 to 1.200 and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://jvn.jp/vu/JVNVU97790713/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-324-01
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-009_en.pdf
Configurations

No configuration.

History

31 Mar 2026, 05:16

Type Values Removed Values Added
Summary (en) Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets. (en) Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 to 1.200 and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets.

20 Nov 2024, 01:15

Type Values Removed Values Added
References
  • () https://www.cisa.gov/news-events/ics-advisories/icsa-24-324-01 -

19 Nov 2024, 21:57

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad de validación incorrecta del tipo de entrada especificado en Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versiones 1.100 y posteriores y FX5-ENET/IP versiones 1.100 a 1.104 permite a un atacante remoto provocar una condición de denegación de servicio en la comunicación Ethernet de los productos mediante el envío de paquetes SLMP especialmente manipulados.

19 Nov 2024, 06:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-19 06:15

Updated : 2026-04-15 00:35

NVD link : CVE-2024-8403

Mitre link : CVE-2024-8403

CVE.ORG link : CVE-2024-8403

JSON object : View

Products Affected

No product.

CWE
CWE-1287

Improper Validation of Specified Type of Input